FinCEN Files: All You Need To Know About The Leak

The latest industry news, interviews, technologies, and resources.
Dec 15, 2020
5 min read

The entire financial and banking world has once again been shaken to its core. It’s only been a couple of months since sources at Buzzfeed and the International Consortium of Investigative Journalists (ICIJ) broke the story about the FinCEN papers. 

The FinCEN papers are documents that point to an industrial level money laundering scheme run and assisted by some of the world’s biggest banks. 

From the Panama Papers, to WikiLeaks and the Paradise Papers, the past decade has not been shy of big revelations and document leaks. 

What makes this leak even more important than the aforementioned scandals is the fact that FinCEN papers do not just concern a couple of companies but a number of banks assisting Ponzi schemes, and terrorists in their attempts to launder money. 

The list of revelations is jaw-dropping:

  • HSBC permitted the illegal circulation of dirty money, disobeying the advice of US investigators (ICIJ)
  • JP Morgan authorized a $1bn London account without basic KYC principles. It is believed that the account belonged to a criminal on the FBI's 10 Most Wanted list. 
  • A close friend  of Russian President Vladimir Putin was allowed to use a Barclays bank account to avoid sanctions which prevented him from using any sort of financial services in the west. (BBC
  • The husband of a donor with contributions of more than £1.7 million to the Conservative Party was secretly funded by one of President Putin’s closest associates. (BBC
  • An excess of 3,000 UK companies are found in the FinCEN files. (ICAEW
  • Famous Russian Chelsea owner Roman Abramovich had a stake in rival footballers through an offshore company. (BBC
  • UAE central bank failed to prevent Iran sanctions evasion. (BBC
  • Deutsche Bank acted as a money laundering shield for organised crime, terrorists and drug traffickers. (BuzzFeed News)

The names and the severity of the crimes are staggering. The role of KYC in the battle against cybercrime will suddenly become a headline, instfead of a byline as banks have dug themselves in a hole. 

What has held banks afloat amidst the FinTech revolution has been people’s affinity to tradition and habit. Banks built equity with people, winning over their trust after years and years of being the only way to handle, store and manage their finances. 

With revelations like these, that trust is going out of the window. Not only are banks going under the microscope on their ability to perform basic KYC, identification and money-laundering mistakes, but a lot of questions will need to be asked about their intentions, credibility and trustworthiness. These incidents were not mistakes, but organised incidents from people on the inside. 

The FinCEN files leak shed light on a broken system. It’s not about a specific incident, a specific person or a specific bank. Here’s what Rachel Woolley, director of financial crime at regulatory consultancy Fenergo, had to say about the leak. 

The FinCEN files exposed systemic failure across the entire financial system and industry. Fines are on the up, over $40 billion since the financial crisis, but is this really a deterrent to the financial institutions that facilitate money laundering? In comparison to the trillions of dollars that illegally move around, these look like a simple cost of doing business.”

What Can We Learn From The FinCEN Files Leak?

Winston Churchill famously said “Never let a good crisis go to waste” and this couldn’t be more fitting than this crisis. The FinCEN files exposed the shortcomings of an entire industry, pointing to the fact that we might have been looking at KYC wrong this whole time. 

For any of this to make sense, we firstly need to talk about the broken process that led to the whole FinCEN incident in the first place: Suspicious Activity Reports (SARs). 

SARs are filed by organizations and financial institutions to flag any unusual transactional or financial behaviour by a customer. This report is meant for the authorities and is designed to ensure that financial institutions can share suspicious information with a law enforcement agency. By sharing this information they not only have help in clearing out the nature of the unusual behaviour, but they are also clearing themselves as possible accomplices to corroborating criminal activity. 

As you can imagine, the intended use of SARs and the actual use of SARs were two completely different things and this is exactly why the FinCEN files leak happened in the first place. 

Below, you will find a set of questions that if and when answered, can give us the foundation to learn and fix the broken process:

  • Are SARs merely used to tick a box in the KYC process? How many of these reports were actually investigated and led to an escalation involving law enforcement? 
  • If any cases were opened due to SARs, how many of those led to actual convictions or court rulings? 
  • What are the reasons stopping law enforcement being involved in this case? Is the SARs process defective or are law enforcement agencies not given the authority they need to intervene?

  • How can we structure the SAR system to make it more effective? How can we shorten the distance between filing a SAR and law enforcement taking things into their own hands?


Wherever there is money, there will be malicious intent and criminal activity but that shouldn’t stop us from striving to perfect safeguards and processes. If there is anything the FinCEN files incident has taught us is that technology will once again play a major role in combating financial crime and enhancing proper KYC processes and reporting.

Ready to get started?
Empower your platform with Identomat's cutting-edge KYC and AML ID verification.
Book a demo
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.